polymarket-twitter-cross-contagion-trader 安全扫描报告 — 低风险 | ClawSafe

15 /100

polymarket-twitter-cross-contagion-trader

Trades post-count bin markets by detecting cross-person contagion where one public figure posting heavily causes correlated figures to increase their rate.

A legitimate Polymarket trading bot with proper safety defaults; paper trading is enforced without --live, credential usage is confined to local SDK calls, and no malicious behavior was detected.

技能名称polymarket-twitter-cross-contagion-trader

分析耗时30.7s

引擎pi

✓

可以安装

Pin the simmer-sdk version in requirements to mitigate supply chain risk. Otherwise, the skill is safe for use.

安全发现 1 项

严重性	安全发现	位置
低危	Unpinned simmer-sdk dependency 供应链 The skill declares 'requires_pip: simmer-sdk' but specifies no version constraint. Installing without a pin means pip fetches the latest release, which could be replaced or compromised. `"requires": { "pip": ["simmer-sdk"] }` → Pin to a specific version, e.g., 'simmer-sdk==1.2.3', and verify the hash if possible. Review the SDK source at https://github.com/SpartanLabsXyz/simmer-sdk before deploying with live credentials.	`clawhub.json:5`

资源类型	声明权限	推断权限	状态	证据
文件系统	`NONE`	`NONE`	—	No file read/write operations found
网络访问	`READ`	`READ`	✓ 一致	SimmerClient API calls to api.simmer.markets (declared)
命令执行	`NONE`	`NONE`	—	No subprocess/os.system/eval calls
环境变量	`READ`	`READ`	✓ 一致	Reads SIMMER_API_KEY and SIMMER_* tunables only
技能调用	`NONE`	`NONE`	—	N/A
剪贴板	`NONE`	`NONE`	—	N/A
浏览器	`NONE`	`NONE`	—	N/A
数据库	`NONE`	`NONE`	—	N/A

2 项发现

🔗

中危外部 URL 外部 URL

https://simmer.markets/skills

SKILL.md:10

📧

提示邮箱邮箱地址

[email protected]

SKILL.md:119

目录结构

3 文件 · 17.9 KB · 502 行

Python 1f · 298L Markdown 1f · 121L JSON 1f · 83L

├─ 📋 clawhub.json JSON 83L · 1.6 KB

├─ 📝 SKILL.md Markdown 121L · 5.1 KB

└─ 🐍 trader.py Python 298L · 11.2 KB

依赖分析 1 项

包名	版本	来源	已知漏洞	备注
`simmer-sdk`	`*`	pip	否	Version not pinned; published by [email protected] on PyPI

安全亮点

✓ Paper trading is the hardcoded default; real trades require explicit --live flag

✓ No shell execution, subprocess, or eval calls

✓ No credential exfiltration; SIMMER_API_KEY is used only for local SimmerClient auth

✓ No sensitive path access (~/.ssh, ~/.aws, .env files are not touched)

✓ No base64, obfuscation, or hidden HTML instructions

✓ autostart=false and cron=null prevent unattended execution

✓ Documentation accurately describes all behavior and safety mechanisms

✓ Risk parameters are tunable via SIMMER_* env vars, keeping credentials isolated